View source for The dirty secrets of client-side exploitation and protection

From BruCON 2017

← The dirty secrets of client-side exploitation and protection

You do not have permission to edit this page, for the following reason:

The action you have requested is limited to users in the group: Users.

You can view and copy the source of this page.

It’s no secret that client-side attacks are what gets attackers a foothold on the network, allowing them to wreak havoc and exfiltrate precious business data. Performing client-side attacks however is not as easy as it looks, neither is protecting against them.
In this 4 hour workshop we will focus on what it takes to successfully run a client-side attack. We will cover initial intelligence gathering, exploit staging and execution and data exfiltration. Every topic will be accompanied with hands-on practical exercise. 
The second part of the workshop will cover the analysis of the specific attacks, the tools available to defenders and how to enable security teams to detect and prevent these specific attacks in the most efficient manner.
The workshop as a whole will help both penetration testers and defensive security professionals to hone their skills and raise the bar on both sides.

Return to The dirty secrets of client-side exploitation and protection.

Retrieved from "https://2017.brucon.org/index.php/The_dirty_secrets_of_client-side_exploitation_and_protection"

navigation

SEARCH

TOOLBOX

LANGUAGES

View source for The dirty secrets of client-side exploitation and protection

From BruCON 2017